<?php

require_once( '../../libs/smarty.inc' );
require_once( '../../libs/smt_variables.php' );
require_once( '../../libs/Class_DB.php' );
require_once( '../../libs/Class_ERROR.php' );
require_once( '../../libs/login.inc.php' );
require_once( '../../libs/const.php' );


require_once( '../../libs/new_smt_variables.php' );

require_once( '../../libs/PHPMailer/class.phpmailer.php' );


if( !in_array( "N", $_SESSION['ADMIN_LOGIN']['AUTH_CD'] ) ) exit;

if( $_SERVER['REQUEST_METHOD'] == 'GET' ){
	
	if($_GET['mod']=='old'){
		$order_id = $_GET['order_id'];
		$db = new Class_DB;
		$sql = "SELECT * FROM k_order_email WHERE order_id = '$order_id'";
		$result = $db ->query($sql);
		$row = mysql_fetch_array($result);
		$row['to'] = $row['eto'];
		$row['from'] = $row['efrom'];
		$row['subject'] = $row['esubject'];
		$row['no'] = $row['eno'];
		$smarty->assign('forms', $row);
		$smarty->assign('flag', 1);
	}else{
		$staff_id = $_SESSION['ADMIN_LOGIN']['STAFF_ID'];
		$order_id = $_GET['order_id'];
		$db = new Class_DB;
		$sql = "SELECT * FROM M_STAFF WHERE staff_id = $staff_id";
		$result = $db ->query($sql);
		$row = mysql_fetch_array($result);
		$from = $row['email'];
		
		$sql = "SELECT * FROM k_order_head WHERE order_id = '$order_id'";
		$result = $db ->query($sql);
		$row = mysql_fetch_array($result);
		$row['to'] = $row['email'];
		$row['from'] = $from;
		$row['order_id'] = $order_id;
		$smarty->assign('forms', $row);
	}
	
	
}else{
	
	$err = new Class_ERROR;
	$err_mes['from'] = $err->check( $_POST['from'], array("EXIST","EMAIL") );
	$err_mes['to'] = $err->check( $_POST['to'], array("EXIST","EMAIL") );
	$err_mes['subject'] = $err->check( $_POST['subject'], array("EXIST") );
	$err_mes['no'] = $err->check( $_POST['no'], array("EXIST") );
	$err_mes['context'] = $err->check( $_POST['context'], array("EXIST") );
	
	if( $err->clear ){
		$mail = new PHPMailer(true);
		try {
			$mail->Host       = "smtp.163.com"; // SMTP server
			$mail->IsSMTP();
			$mail->SMTPAuth   = true;                  // enable SMTP authentication
			//$mail->SMTPDebug  = 2;
			$mail->CharSet 	  = "utf-8";
			$mail->Encoding   = "base64";
			$mail->Username   = "csyingwu@163.com";  // MAIL username
			$mail->Password   = "yingwu";            // MAIL password
			$mail->Port = '25';
			$mail->SetFrom("csyingwu@163.com",$_SESSION['ADMIN_LOGIN']['STAFF_NAME']);
			$mail->AddReplyTo($_POST['from'],$_SESSION['ADMIN_LOGIN']['STAFF_NAME']);
			$mail->Subject    = $_POST['subject'];
			$mail->MsgHTML($_POST['context']);
			$mail->AddAddress($_POST['to'], $_POST['to']);
			$mail->Send();
			
			$order_id = $_POST['order_id'];
			$db = new Class_DB;
			$date = Date("Y/m/d");
			$sql = "UPDATE k_order_head SET email_status=1 , email_date='$date' WHERE order_id = '$order_id'";
			$db ->query($sql);
			
			$efrom = $_POST['from'];
			$eto = $_POST['to'];
			$esubject = $_POST['subject'];
			$context = $_POST['context'];
			$eno = $_POST['no'];
			$insert ="INSERT INTO k_order_email VALUES (null,'$order_id','$efrom','$eto','$esubject','$context','$date','$eno')";
			$db ->query($insert);
			$smarty->assign('order_id', $order_id);
			$smarty->assign('phase', 'complete');
		} catch (phpmailerException $e) {
			$err_mes['email'] = $e->errorMessage(); 
			$smarty->assign('err', $err_mes);
			$smarty->assign('forms', $_POST);
		} catch (Exception $e) {
			$err_mes['email'] = $e->getMessage();
			$smarty->assign('err', $err_mes);
			$smarty->assign('forms', $_POST);
		}
		
	}else{
		$smarty->assign('err', $err_mes);
		$smarty->assign('forms', $_POST);
	}
	
}


$menu_html = file_get_contents( $_SERVER['DOCUMENT_ROOT'].'/templates/web-admin/menu.html' );
$smarty->assign('menu_html', $menu_html);
$smarty->display('web-admin/order_email.html');


?>